00:01
Hello and welcome.
00:02
This module will look at the plan risk
responses process in the PMBOK
guide. It's got a very high exam importance
because
the exam stresses and places a great deal of
importance on appropriate
proactive and reactive risk response
planning as a key
component in successful risk management and
successful project management.
00:27
The difficulty is low, though, because you
probably do some of these things already.
00:31
If you do risk management on your project
and there are some new concepts to
introduce you to, particularly around
strategies for positive risk
or uncertainty, and as such, the
memorization is rated as medium,
but do pay particular attention to these
particular strategies because there's
almost certainly going to be questions in
the exam on these.
00:57
So the plan risk response process is one of
six
processes in total and the risk management
knowledge area.
01:07
There are five planning process and this one
comes at the end, but it's not the
last because it's an iterative process.
01:15
So even though those processes are presented
as a list and give you the impression that
you do one, identify risks and then you do
perform qualitative risk analysis
and then quantitative risk analysis and then
plan risk responses.
01:29
That's not actually how it works in real
life.
01:33
It's an iterative reoccurring process where
they all happen concurrently.
01:38
The particular domain task?
And remember, it's the domain tasks that
make up the contents of the exam
that this process focuses on is Planning
Task
10, which says develop the risk management
plan by
identifying, analyzing and prioritizing
project risks and defining risk
response strategies in order to manage
uncertainty and opportunity
throughout the project lifecycle.
02:06
And obviously what we're focusing on and that
sentence is defining risk response
strategies. The key themes of this
process are, well, we've gone ahead and
we've identified our risks.
02:21
With prioritize them and maybe even assigned
a quantity, a quantitative value to
them. So what are we doing next logically?
Well, we proactively plan our responses to
each one.
02:33
Now we can actually have multiple responses
too.
02:37
We can have some proactive responses and
reactive responses for each of our risk
events. It's not a one to one relationship,
as in one event, one
response, it's not uncommon to have multiple
planned responses for each risk
event. But remember, and here's a key tip.
02:55
If a question in the exam says that you've
just completed risk
response planning and identified particular
risk response work to be
done, what is the next step?
Well, the next step is always to ensure that
your project scope and scope baseline are
updated. Because you've just described extra
work to be done on the
project. And don't forget, once it's been
added to the scope baseline,
you need to estimate cost and time and check
that that work's being done.
03:26
So do keep that in mind.
03:28
Risk response work is extra work to be done
on the project and needs to become
part of your project scope.
03:37
The possible inputs that we will want for
this process include our
risk management plan, obviously, because
that's going to guide our risk response
planning work and of course, our risk
register without our risk register.
03:52
We simply couldn't do risk response
planning.
03:55
It's got the information in it about our
identified risks.
03:59
Any qualitative analysis we've done, any
quantitative analysis we've done.
04:05
And we're going to use all of this
information to plan appropriate risk
responses. The particular tools and
techniques
that we may choose to use, if appropriate,
include strategies for
negative risks or threats and strategies for
positive risks or
opportunities. Remember, risk simply means
uncertainty
and there can be negative or positive risks
or uncertainty on your
project. We're all very used to the negative
risks, the chance of coming in
over budget or coming in over time.
04:43
But what about the chance of coming in under
budget or finding a new
technology or exceeding client expectations?
These are all positive risks, and you should
be prepared to see if he can make
those things happen and if they do happen,
make their impact bigger.
05:00
Now this concept of positive risks is often
new to a lot of people who
think that risk management is purely around
negative risks for the exam.
05:10
You'll need to be aware of negative and
positive risks and a little tip.
05:14
When I do a risk register, I like to make
about one third of the risks on it.
05:19
Positive risks.
05:22
Once we've got our actual risk strategies
for either negative or positive, we may
also want to put in place some contingent
response strategies, and we'll have a look at
those shortly.
05:32
These are strategies for things we can't
properly plan for.
05:38
We'll also want to use expert judgment.
05:41
Remember, you're an expert.
05:43
Your project team members, particularly
those who've done the sort of project before
and dealt with these sort of risks before,
are also experts.
05:52
And you may also wish to reach out to risk
management professionals with
particular expertise in this area to get
appropriate
responses. So let's take a closer
look at strategies for negative risk and
strategies for positive
risk. The first of our strategies for
negative risk is to
avoid the risk.
06:17
And by avoiding the risk, we choose to not
engage in the activity that could lead to the
risk. Remember, and communications avoidance
is bad, but
not on risk management.
06:28
So an example is you could avoid the risk of
traffic on the motorway by
taking a back road.
06:35
Perhaps you've identified the risk of an
earthquake hitting your multi-story building
during construction.
06:41
How could you avoid it build in another city
that's not prone to earthquakes?
So avoidance as a strategy for negative risk
means avoiding the risk
entirely. Another strategy is transfer,
so for negative risks, we can choose to make
the risk someone else's problem.
07:01
So if the risk does occur, it's not our
problem, it's theirs and they need to deal
with it. And the most common way of
transferring risk is with
insurance. In fact, the whole insurance
industry is built up on accepting
somebody else's risk.
07:18
Another strategy for negative risks is to
mitigate.
07:22
And with mitigation, we're going to try and
lease listen either the impact or the
likelihood of the risk.
07:28
We know it's going to have an impact and we
know it's got a probability or likelihood,
but we're going to try and reduce it.
07:34
If it does happen, not get rid of it
completely.
07:37
That's avoidance.
07:39
So, for example, we may choose to build a
house to certain specifications to
lessen the impact of a hurricane or perhaps
an earthquake.
07:48
So we know the risk is going to happen.
07:50
We're trying to mitigate the effect or the
likelihood.
07:55
Here are some strategies for positive risks.
07:58
The first one is exploit, and this is an
attempt to remove
the uncertainty and make sure the event will
happen or increase the chances of it
happening. So, for example, if there is a
risk, a positive risk
that the project will be more profitable
than anticipated.
08:16
Make sure the contributing factors are
identified and continued.
08:20
What else can you do to increase that
profit?
Put in place those strategies now exploit
that opportunity.
08:29
Another strategy for positive risks includes
sharing.
08:34
Now this is particularly important when
looking for work because you
may improve the chance of the risk occurring
by working with another party with
particular expertise or with another set of
contractors.
08:47
So, for example, you may increase the
chances of winning a particular
job. By sharing the responsibility with a
complimentary
vendor in response to a request for proposal
sharing.
09:05
Another strategy is enhance.
09:09
You want to increase either the likelihood
or the impact of the positive risk
occurring. A simple example is to increase
the risk of
winning a lottery by buying more tickets,
but perhaps a more relevant example would be
increase the chances of doing great customer
work, bringing it in under
budget or ahead of time by perhaps assigning
your senior staff, rather than your
junior staff, to a particular set of project
work.
09:37
So enhance.
09:38
So I've given you three strategies for
negative risk and three strategies for
positive risk. Remember, the three
strategies for negative risks are avoid,
mitigate or transfer for positive it's
share,
enhance and exploit.
09:54
But there's a strategy that they both have
in common and that's accept.
10:00
For both positive and negative risks, you
could simply choose to
accept it. It is going to happen, and if it
does happen, you'll deal with
it. So if the cost or impact of the response
is
greater than the cost or impact of the risk?
It may be that your best strategy is simply
to accept that and deal with it if it
happens. So for the exam, you'll need to
remember all of
those strategies.
10:28
So in total, there are, in fact, four for
each.
10:32
So remember for negative.
10:34
It's a void transfer, mitigate or accept for
positive
risks, exploit, share, enhance or
accept. Now, despite all your best efforts
at
risk response planning, and no matter how
good you are, you always have to anticipate
that you might not have planned for
everything and so you need some contingent
response strategies.
11:01
The first one is a contingency or fallback
plan, and this is
your plan to deal with unforeseen risks
triggered by preset
conditions, so the conditions could be a
consistent rise in the
price of oil.
11:16
Now you don't know what it's going to cause,
but they are the trigger conditions and it
tells you to pre-purchase or reduce your
fuel expenditure some way.
11:25
So having a contingency plan or fallback
plan is very useful.
11:29
I recall one project I worked on many years
ago where our contingency plan was
a phone tree, which told us if something
happens that we haven't foreseen.
11:39
These are the people to ring to figure out
what to do.
11:42
It was a great contingency plan to have in
place.
11:45
The other contingent response strategy that
you need to know for the exam is the
workaround, and this is a temporary solution
to get you through the risk.
11:55
Now, you probably haven't anticipated this
risk or couldn't have reasonably foreseen it.
12:01
But it gets you around. And one of the best
examples that I like is, in fact, the movie
Apollo 13.
12:07
And if you've seen the movie starring Tom
Hanks and he utters those famous words,
Houston, we have a problem when he looks
outside and sees the canister venting gas
into space. Well, if you watch that movie,
what happens next is a workaround.
12:21
The technicians and engineers at NASA go
through their planned risk responses
and discover they have no planned risk
response for the strategy.
12:30
So instead, what they do is create a
workaround.
12:33
They go into a room, they get the right
people in the room and they create a
temporary solution.
12:38
In this case, some filters to get the
astronauts back to Earth.
12:43
So a workaround is a temporary solution to
get you through the risk.
12:48
Now, don't rely on workarounds to get you
through the entire project.
12:52
Well, I guess unless, of course, you've got
a very high risk tolerance in your
organizational culture.
12:58
The workaround is generally a part of an
area of last resort
for your risk management, but for the
purposes of the exam, you need to know what a
workaround is.
13:10
The particular outputs from the plan risk
responses process include
project management plan updates.
13:18
Updates to your risk management plan.
13:20
Your Scope Management Plan.
13:22
Your Time Management plan because your
planned risk responses
may incur extra cost and time as a result of
the extra work
to be done. So keep that in mind.
13:34
I began this module by telling you that if
you do develop risk
responses, they represent extra work to be
done on the project.
13:43
That extra work needs to be captured in your
scope baseline,
and once it's in your scope baseline, it's
part of your WBS or work breakdown
structure. And therefore you can allocate
time, cost and people to doing the
work and check that it's being done.
14:01
So those are the elements of your project
management plan that you may update.
14:06
And of course, you will do some project
document updates as well,
particularly success of iterative updates to
your risk register
where you put in place your planned risk
responses.
14:19
You may also choose to update lessons
learned and remember with
lessons learned, you are collecting those
throughout the entire project for collation
and documentation at the end of the project.
14:33
So in summary, the plan risk responses
process proactively
plans and appropriate response or responses.
14:41
Remember, we can have multiple responses to
a single risk event.
14:47
And puts them into the risk register, and
they become work to be
done on the project.
14:55
Thank you very much.
14:56
This has been an introduction and an
overview to the plan risk responses
process of the PMBOK guide.